Skip to main content

Thin PC

How does a Thin PC work?

We have recently started recycling old PC's as Thin PC - using Windows 7 Embedded. So basically using them as terminal to a remote desktop server. Gives old machines a new lease of life for no cost (assuming you have a EES agreement with MS). The trick is to get the Thin PC to go straight to the rdp to the server you want. So key steps if you are interested are:

  • Put the Thin-PC in a OU where there is a group policy that auto logs on a standard user.
  • Change the shell from explorer to %windir%\system32\mstsc.exe
  • I have one script that calls a vbs script that runs the rdp session and loops to re-run it on exit or if the user tries to close the session. Key thing is to run the scripts silently so the user cannot close them.
  • Lock Crtl-Alt-Del down with gpo so user just gets Cancel as the only option. 

Anyone wants to know more - let me know.
Labels:

Popular posts from this blog

Delete a specific email using GAM

If a user send an inappropriate email to a loads of people or get stung by some sort of email exploit you can quickly delete the email from all of the recipients using a GAM command.
Step 1 - get the email header Go into Google Vault and search for the offending user or someone known to have got the message.
Click show details and grab the email ID. This will be a long string of characters followed by @mail.gmail.com
Step 2 - find out who has the email Go into Google Vault and find the original message sent by the offending user. Look at the details to see who got it. Copy the list and dump it into a spreadsheet. Clean up to just a list of emails with a column header 'mail'. Save as a csv file.
Step 3 - delete messages with GAM Put your CSV file in your GAM folder - this e.g. assumes its called mail.csv
Run:
gam csv mail.csv gam user ~mail delete messages query rfc822msgid:MESSAGEIDHERE doit

 The alternative nuke option is:
gam all users delete messages query rfc822msgid:MESSAGEI…
Read more

How to push bookmarks to users in Chrome via the management console

With the release of Chrome and ChomeOS 37 an update to the management console has arrived that allows you to push bookmarks to users.

Under Device Management > Chrome > User Settings > User Experience you will now find the option to add managed bookmarks.


In the example above, the bookmarks are applied to the sub-OU of 'students' - so all our students will get these bookmarks. Simply add your url and the bookmark name, click the + and save. These will appear in a folder called 'yourdomain bookmarks' - see below:



Be aware that to get these bookmarks applied on a Windows/OS-X device the user must be signed into Chrome. Update: if you install the latest group policy template you can push the bookmarks via policy on PCs - details are given here.
Video Guide:

Read more

Managed Android Apps on ChromeOS on an Edu G Suite Domain

Android Apps via the Play Store have been available on consumer accounts for some time on selected devices. We have 1:1 Acer R11's and have recently had the opportunity to trial them on G Suite Edu accounts.

From the point of view of the end user, they see the Play Store App appear on the shelf and have to agree to the terms and conditions. After that, force installed and pinned apps are immediately installed and they get access to the Google for Work Store. This only contains apps you have approved for that user.

For the administrator the steps are:

Enable Play Store Apps for the domainEnable access to the Play Store for specific Sub-OUs or usersAdd apps to Play for WorkSet permissions for each app - can install, force install or pin to shelf. This can be done differently for each app and each OU and is therefore very granular. 
Issues so far

Apps take a while to appear in the Play Store for users. Initially only force installed apps appear.You cannot set the permissions of multipl…
Read more